Skip to content

Latest commit

 

History

History
2847 lines (1794 loc) · 132 KB

adSecretBackend.java.md

File metadata and controls

2847 lines (1794 loc) · 132 KB

adSecretBackend Submodule

Constructs

AdSecretBackend

Represents a {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend vault_ad_secret_backend}.

Initializers

import com.hashicorp.cdktf.providers.vault.ad_secret_backend.AdSecretBackend;

AdSecretBackend.Builder.create(Construct scope, java.lang.String id)
//  .connection(SSHProvisionerConnection)
//  .connection(WinrmProvisionerConnection)
//  .count(java.lang.Number)
//  .count(TerraformCount)
//  .dependsOn(java.util.List<ITerraformDependable>)
//  .forEach(ITerraformIterator)
//  .lifecycle(TerraformResourceLifecycle)
//  .provider(TerraformProvider)
//  .provisioners(java.util.List<FileProvisioner)
//  .provisioners(LocalExecProvisioner)
//  .provisioners(RemoteExecProvisioner>)
    .binddn(java.lang.String)
    .bindpass(java.lang.String)
//  .anonymousGroupSearch(java.lang.Boolean)
//  .anonymousGroupSearch(IResolvable)
//  .backend(java.lang.String)
//  .caseSensitiveNames(java.lang.Boolean)
//  .caseSensitiveNames(IResolvable)
//  .certificate(java.lang.String)
//  .clientTlsCert(java.lang.String)
//  .clientTlsKey(java.lang.String)
//  .defaultLeaseTtlSeconds(java.lang.Number)
//  .denyNullBind(java.lang.Boolean)
//  .denyNullBind(IResolvable)
//  .description(java.lang.String)
//  .disableRemount(java.lang.Boolean)
//  .disableRemount(IResolvable)
//  .discoverdn(java.lang.Boolean)
//  .discoverdn(IResolvable)
//  .groupattr(java.lang.String)
//  .groupdn(java.lang.String)
//  .groupfilter(java.lang.String)
//  .id(java.lang.String)
//  .insecureTls(java.lang.Boolean)
//  .insecureTls(IResolvable)
//  .lastRotationTolerance(java.lang.Number)
//  .local(java.lang.Boolean)
//  .local(IResolvable)
//  .maxLeaseTtlSeconds(java.lang.Number)
//  .maxTtl(java.lang.Number)
//  .namespace(java.lang.String)
//  .passwordPolicy(java.lang.String)
//  .requestTimeout(java.lang.Number)
//  .starttls(java.lang.Boolean)
//  .starttls(IResolvable)
//  .tlsMaxVersion(java.lang.String)
//  .tlsMinVersion(java.lang.String)
//  .ttl(java.lang.Number)
//  .upndomain(java.lang.String)
//  .url(java.lang.String)
//  .usePre111GroupCnBehavior(java.lang.Boolean)
//  .usePre111GroupCnBehavior(IResolvable)
//  .userattr(java.lang.String)
//  .userdn(java.lang.String)
//  .useTokenGroups(java.lang.Boolean)
//  .useTokenGroups(IResolvable)
    .build();
Name Type Description
scope software.constructs.Construct The scope in which to define this construct.
id java.lang.String The scoped construct ID.
connection com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection No description.
count java.lang.Number OR com.hashicorp.cdktf.TerraformCount No description.
dependsOn java.util.List<com.hashicorp.cdktf.ITerraformDependable> No description.
forEach com.hashicorp.cdktf.ITerraformIterator No description.
lifecycle com.hashicorp.cdktf.TerraformResourceLifecycle No description.
provider com.hashicorp.cdktf.TerraformProvider No description.
provisioners java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner> No description.
binddn java.lang.String Distinguished name of object to bind when performing user and group search.
bindpass java.lang.String LDAP password for searching for the user DN.
anonymousGroupSearch java.lang.Boolean OR com.hashicorp.cdktf.IResolvable Use anonymous binds when performing LDAP group searches (if true the initial credentials will still be used for the initial connection test).
backend java.lang.String The mount path for a backend, for example, the path given in "$ vault auth enable -path=my-ad ad".
caseSensitiveNames java.lang.Boolean OR com.hashicorp.cdktf.IResolvable If true, case sensitivity will be used when comparing usernames and groups for matching policies.
certificate java.lang.String CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
clientTlsCert java.lang.String Client certificate to provide to the LDAP server, must be x509 PEM encoded.
clientTlsKey java.lang.String Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
defaultLeaseTtlSeconds java.lang.Number Default lease duration for secrets in seconds.
denyNullBind java.lang.Boolean OR com.hashicorp.cdktf.IResolvable Denies an unauthenticated LDAP bind request if the user's password is empty; defaults to true.
description java.lang.String Human-friendly description of the mount for the backend.
disableRemount java.lang.Boolean OR com.hashicorp.cdktf.IResolvable If set, opts out of mount migration on path updates.
discoverdn java.lang.Boolean OR com.hashicorp.cdktf.IResolvable Use anonymous bind to discover the bind DN of a user.
groupattr java.lang.String LDAP attribute to follow on objects returned by in order to enumerate user group membership.
groupdn java.lang.String LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org).
groupfilter java.lang.String Go template for querying group membership of user.
id java.lang.String Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#id AdSecretBackend#id}.
insecureTls java.lang.Boolean OR com.hashicorp.cdktf.IResolvable Skip LDAP server SSL Certificate verification - insecure and not recommended for production use.
lastRotationTolerance java.lang.Number The number of seconds after a Vault rotation where, if Active Directory shows a later rotation, it should be considered out-of-band.
local java.lang.Boolean OR com.hashicorp.cdktf.IResolvable Mark the secrets engine as local-only.
maxLeaseTtlSeconds java.lang.Number Maximum possible lease duration for secrets in seconds.
maxTtl java.lang.Number In seconds, the maximum password time-to-live.
namespace java.lang.String Target namespace. (requires Enterprise).
passwordPolicy java.lang.String Name of the password policy to use to generate passwords.
requestTimeout java.lang.Number Timeout, in seconds, for the connection when making requests against the server before returning back an error.
starttls java.lang.Boolean OR com.hashicorp.cdktf.IResolvable Issue a StartTLS command after establishing unencrypted connection.
tlsMaxVersion java.lang.String Maximum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'.
tlsMinVersion java.lang.String Minimum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'.
ttl java.lang.Number In seconds, the default password time-to-live.
upndomain java.lang.String Enables userPrincipalDomain login with [username]@UPNDomain.
url java.lang.String LDAP URL to connect to (default: ldap://127.0.0.1). Multiple URLs can be specified by concatenating them with commas; they will be tried in-order.
usePre111GroupCnBehavior java.lang.Boolean OR com.hashicorp.cdktf.IResolvable In Vault 1.1.1 a fix for handling group CN values of different cases unfortunately introduced a regression that could cause previously defined groups to not be found due to a change in the resulting name. If set true, the pre-1.1.1 behavior for matching group CNs will be used. This is only needed in some upgrade scenarios for backwards compatibility. It is enabled by default if the config is upgraded but disabled by default on new configurations.
userattr java.lang.String Attribute used for users (default: cn).
userdn java.lang.String LDAP domain to use for users (eg: ou=People,dc=example,dc=org).
useTokenGroups java.lang.Boolean OR com.hashicorp.cdktf.IResolvable If true, use the Active Directory tokenGroups constructed attribute of the user to find the group memberships.

scopeRequired
  • Type: software.constructs.Construct

The scope in which to define this construct.


idRequired
  • Type: java.lang.String

The scoped construct ID.

Must be unique amongst siblings in the same scope


connectionOptional
  • Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection

countOptional
  • Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount

dependsOnOptional
  • Type: java.util.List<com.hashicorp.cdktf.ITerraformDependable>

forEachOptional
  • Type: com.hashicorp.cdktf.ITerraformIterator

lifecycleOptional
  • Type: com.hashicorp.cdktf.TerraformResourceLifecycle

providerOptional
  • Type: com.hashicorp.cdktf.TerraformProvider

provisionersOptional
  • Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>

binddnRequired
  • Type: java.lang.String

Distinguished name of object to bind when performing user and group search.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#binddn AdSecretBackend#binddn}


bindpassRequired
  • Type: java.lang.String

LDAP password for searching for the user DN.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#bindpass AdSecretBackend#bindpass}


anonymousGroupSearchOptional
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Use anonymous binds when performing LDAP group searches (if true the initial credentials will still be used for the initial connection test).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#anonymous_group_search AdSecretBackend#anonymous_group_search}


backendOptional
  • Type: java.lang.String

The mount path for a backend, for example, the path given in "$ vault auth enable -path=my-ad ad".

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#backend AdSecretBackend#backend}


caseSensitiveNamesOptional
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

If true, case sensitivity will be used when comparing usernames and groups for matching policies.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#case_sensitive_names AdSecretBackend#case_sensitive_names}


certificateOptional
  • Type: java.lang.String

CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#certificate AdSecretBackend#certificate}


clientTlsCertOptional
  • Type: java.lang.String

Client certificate to provide to the LDAP server, must be x509 PEM encoded.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#client_tls_cert AdSecretBackend#client_tls_cert}


clientTlsKeyOptional
  • Type: java.lang.String

Client certificate key to provide to the LDAP server, must be x509 PEM encoded.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#client_tls_key AdSecretBackend#client_tls_key}


defaultLeaseTtlSecondsOptional
  • Type: java.lang.Number

Default lease duration for secrets in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#default_lease_ttl_seconds AdSecretBackend#default_lease_ttl_seconds}


denyNullBindOptional
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Denies an unauthenticated LDAP bind request if the user's password is empty; defaults to true.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#deny_null_bind AdSecretBackend#deny_null_bind}


descriptionOptional
  • Type: java.lang.String

Human-friendly description of the mount for the backend.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#description AdSecretBackend#description}


disableRemountOptional
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

If set, opts out of mount migration on path updates.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#disable_remount AdSecretBackend#disable_remount}


discoverdnOptional
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Use anonymous bind to discover the bind DN of a user.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#discoverdn AdSecretBackend#discoverdn}


groupattrOptional
  • Type: java.lang.String

LDAP attribute to follow on objects returned by in order to enumerate user group membership.

Examples: "cn" or "memberOf", etc. Default: cn

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#groupattr AdSecretBackend#groupattr}


groupdnOptional
  • Type: java.lang.String

LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#groupdn AdSecretBackend#groupdn}


groupfilterOptional
  • Type: java.lang.String

Go template for querying group membership of user.

The template can access the following context variables: UserDN, Username Example: (&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}})) Default: (|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#groupfilter AdSecretBackend#groupfilter}


idOptional
  • Type: java.lang.String

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#id AdSecretBackend#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.


insecureTlsOptional
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Skip LDAP server SSL Certificate verification - insecure and not recommended for production use.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#insecure_tls AdSecretBackend#insecure_tls}


lastRotationToleranceOptional
  • Type: java.lang.Number

The number of seconds after a Vault rotation where, if Active Directory shows a later rotation, it should be considered out-of-band.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#last_rotation_tolerance AdSecretBackend#last_rotation_tolerance}


localOptional
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Mark the secrets engine as local-only.

Local engines are not replicated or removed by replication.Tolerance duration to use when checking the last rotation time.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#local AdSecretBackend#local}


maxLeaseTtlSecondsOptional
  • Type: java.lang.Number

Maximum possible lease duration for secrets in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#max_lease_ttl_seconds AdSecretBackend#max_lease_ttl_seconds}


maxTtlOptional
  • Type: java.lang.Number

In seconds, the maximum password time-to-live.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#max_ttl AdSecretBackend#max_ttl}


namespaceOptional
  • Type: java.lang.String

Target namespace. (requires Enterprise).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#namespace AdSecretBackend#namespace}


passwordPolicyOptional
  • Type: java.lang.String

Name of the password policy to use to generate passwords.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#password_policy AdSecretBackend#password_policy}


requestTimeoutOptional
  • Type: java.lang.Number

Timeout, in seconds, for the connection when making requests against the server before returning back an error.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#request_timeout AdSecretBackend#request_timeout}


starttlsOptional
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Issue a StartTLS command after establishing unencrypted connection.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#starttls AdSecretBackend#starttls}


tlsMaxVersionOptional
  • Type: java.lang.String

Maximum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#tls_max_version AdSecretBackend#tls_max_version}


tlsMinVersionOptional
  • Type: java.lang.String

Minimum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#tls_min_version AdSecretBackend#tls_min_version}


ttlOptional
  • Type: java.lang.Number

In seconds, the default password time-to-live.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#ttl AdSecretBackend#ttl}


upndomainOptional
  • Type: java.lang.String

Enables userPrincipalDomain login with [username]@UPNDomain.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#upndomain AdSecretBackend#upndomain}


urlOptional
  • Type: java.lang.String

LDAP URL to connect to (default: ldap://127.0.0.1). Multiple URLs can be specified by concatenating them with commas; they will be tried in-order.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#url AdSecretBackend#url}


usePre111GroupCnBehaviorOptional
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

In Vault 1.1.1 a fix for handling group CN values of different cases unfortunately introduced a regression that could cause previously defined groups to not be found due to a change in the resulting name. If set true, the pre-1.1.1 behavior for matching group CNs will be used. This is only needed in some upgrade scenarios for backwards compatibility. It is enabled by default if the config is upgraded but disabled by default on new configurations.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#use_pre111_group_cn_behavior AdSecretBackend#use_pre111_group_cn_behavior}


userattrOptional
  • Type: java.lang.String

Attribute used for users (default: cn).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#userattr AdSecretBackend#userattr}


userdnOptional
  • Type: java.lang.String

LDAP domain to use for users (eg: ou=People,dc=example,dc=org).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#userdn AdSecretBackend#userdn}


useTokenGroupsOptional
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

If true, use the Active Directory tokenGroups constructed attribute of the user to find the group memberships.

This will find all security groups including nested ones.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#use_token_groups AdSecretBackend#use_token_groups}


Methods

Name Description
toString Returns a string representation of this construct.
addOverride No description.
overrideLogicalId Overrides the auto-generated logical ID with a specific ID.
resetOverrideLogicalId Resets a previously passed logical Id to use the auto-generated logical id again.
toHclTerraform No description.
toMetadata No description.
toTerraform Adds this resource to the terraform JSON output.
addMoveTarget Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
getAnyMapAttribute No description.
getBooleanAttribute No description.
getBooleanMapAttribute No description.
getListAttribute No description.
getNumberAttribute No description.
getNumberListAttribute No description.
getNumberMapAttribute No description.
getStringAttribute No description.
getStringMapAttribute No description.
hasResourceMove No description.
importFrom No description.
interpolationForAttribute No description.
moveFromId Move the resource corresponding to "id" to this resource.
moveTo Moves this resource to the target resource given by moveTarget.
moveToId Moves this resource to the resource corresponding to "id".
resetAnonymousGroupSearch No description.
resetBackend No description.
resetCaseSensitiveNames No description.
resetCertificate No description.
resetClientTlsCert No description.
resetClientTlsKey No description.
resetDefaultLeaseTtlSeconds No description.
resetDenyNullBind No description.
resetDescription No description.
resetDisableRemount No description.
resetDiscoverdn No description.
resetGroupattr No description.
resetGroupdn No description.
resetGroupfilter No description.
resetId No description.
resetInsecureTls No description.
resetLastRotationTolerance No description.
resetLocal No description.
resetMaxLeaseTtlSeconds No description.
resetMaxTtl No description.
resetNamespace No description.
resetPasswordPolicy No description.
resetRequestTimeout No description.
resetStarttls No description.
resetTlsMaxVersion No description.
resetTlsMinVersion No description.
resetTtl No description.
resetUpndomain No description.
resetUrl No description.
resetUsePre111GroupCnBehavior No description.
resetUserattr No description.
resetUserdn No description.
resetUseTokenGroups No description.

toString
public java.lang.String toString()

Returns a string representation of this construct.

addOverride
public void addOverride(java.lang.String path, java.lang.Object value)
pathRequired
  • Type: java.lang.String

valueRequired
  • Type: java.lang.Object

overrideLogicalId
public void overrideLogicalId(java.lang.String newLogicalId)

Overrides the auto-generated logical ID with a specific ID.

newLogicalIdRequired
  • Type: java.lang.String

The new logical ID to use for this stack element.


resetOverrideLogicalId
public void resetOverrideLogicalId()

Resets a previously passed logical Id to use the auto-generated logical id again.

toHclTerraform
public java.lang.Object toHclTerraform()
toMetadata
public java.lang.Object toMetadata()
toTerraform
public java.lang.Object toTerraform()

Adds this resource to the terraform JSON output.

addMoveTarget
public void addMoveTarget(java.lang.String moveTarget)

Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.

moveTargetRequired
  • Type: java.lang.String

The string move target that will correspond to this resource.


getAnyMapAttribute
public java.util.Map<java.lang.String, java.lang.Object> getAnyMapAttribute(java.lang.String terraformAttribute)
terraformAttributeRequired
  • Type: java.lang.String

getBooleanAttribute
public IResolvable getBooleanAttribute(java.lang.String terraformAttribute)
terraformAttributeRequired
  • Type: java.lang.String

getBooleanMapAttribute
public java.util.Map<java.lang.String, java.lang.Boolean> getBooleanMapAttribute(java.lang.String terraformAttribute)
terraformAttributeRequired
  • Type: java.lang.String

getListAttribute
public java.util.List<java.lang.String> getListAttribute(java.lang.String terraformAttribute)
terraformAttributeRequired
  • Type: java.lang.String

getNumberAttribute
public java.lang.Number getNumberAttribute(java.lang.String terraformAttribute)
terraformAttributeRequired
  • Type: java.lang.String

getNumberListAttribute
public java.util.List<java.lang.Number> getNumberListAttribute(java.lang.String terraformAttribute)
terraformAttributeRequired
  • Type: java.lang.String

getNumberMapAttribute
public java.util.Map<java.lang.String, java.lang.Number> getNumberMapAttribute(java.lang.String terraformAttribute)
terraformAttributeRequired
  • Type: java.lang.String

getStringAttribute
public java.lang.String getStringAttribute(java.lang.String terraformAttribute)
terraformAttributeRequired
  • Type: java.lang.String

getStringMapAttribute
public java.util.Map<java.lang.String, java.lang.String> getStringMapAttribute(java.lang.String terraformAttribute)
terraformAttributeRequired
  • Type: java.lang.String

hasResourceMove
public TerraformResourceMoveByTarget OR TerraformResourceMoveById hasResourceMove()
importFrom
public void importFrom(java.lang.String id)
public void importFrom(java.lang.String id, TerraformProvider provider)
idRequired
  • Type: java.lang.String

providerOptional
  • Type: com.hashicorp.cdktf.TerraformProvider

interpolationForAttribute
public IResolvable interpolationForAttribute(java.lang.String terraformAttribute)
terraformAttributeRequired
  • Type: java.lang.String

moveFromId
public void moveFromId(java.lang.String id)

Move the resource corresponding to "id" to this resource.

Note that the resource being moved from must be marked as moved using it's instance function.

idRequired
  • Type: java.lang.String

Full id of resource being moved from, e.g. "aws_s3_bucket.example".


moveTo
public void moveTo(java.lang.String moveTarget)
public void moveTo(java.lang.String moveTarget, java.lang.String OR java.lang.Number index)

Moves this resource to the target resource given by moveTarget.

moveTargetRequired
  • Type: java.lang.String

The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.


indexOptional
  • Type: java.lang.String OR java.lang.Number

Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.


moveToId
public void moveToId(java.lang.String id)

Moves this resource to the resource corresponding to "id".

idRequired
  • Type: java.lang.String

Full id of resource to move to, e.g. "aws_s3_bucket.example".


resetAnonymousGroupSearch
public void resetAnonymousGroupSearch()
resetBackend
public void resetBackend()
resetCaseSensitiveNames
public void resetCaseSensitiveNames()
resetCertificate
public void resetCertificate()
resetClientTlsCert
public void resetClientTlsCert()
resetClientTlsKey
public void resetClientTlsKey()
resetDefaultLeaseTtlSeconds
public void resetDefaultLeaseTtlSeconds()
resetDenyNullBind
public void resetDenyNullBind()
resetDescription
public void resetDescription()
resetDisableRemount
public void resetDisableRemount()
resetDiscoverdn
public void resetDiscoverdn()
resetGroupattr
public void resetGroupattr()
resetGroupdn
public void resetGroupdn()
resetGroupfilter
public void resetGroupfilter()
resetId
public void resetId()
resetInsecureTls
public void resetInsecureTls()
resetLastRotationTolerance
public void resetLastRotationTolerance()
resetLocal
public void resetLocal()
resetMaxLeaseTtlSeconds
public void resetMaxLeaseTtlSeconds()
resetMaxTtl
public void resetMaxTtl()
resetNamespace
public void resetNamespace()
resetPasswordPolicy
public void resetPasswordPolicy()
resetRequestTimeout
public void resetRequestTimeout()
resetStarttls
public void resetStarttls()
resetTlsMaxVersion
public void resetTlsMaxVersion()
resetTlsMinVersion
public void resetTlsMinVersion()
resetTtl
public void resetTtl()
resetUpndomain
public void resetUpndomain()
resetUrl
public void resetUrl()
resetUsePre111GroupCnBehavior
public void resetUsePre111GroupCnBehavior()
resetUserattr
public void resetUserattr()
resetUserdn
public void resetUserdn()
resetUseTokenGroups
public void resetUseTokenGroups()

Static Functions

Name Description
isConstruct Checks if x is a construct.
isTerraformElement No description.
isTerraformResource No description.
generateConfigForImport Generates CDKTF code for importing a AdSecretBackend resource upon running "cdktf plan ".

isConstruct
import com.hashicorp.cdktf.providers.vault.ad_secret_backend.AdSecretBackend;

AdSecretBackend.isConstruct(java.lang.Object x)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired
  • Type: java.lang.Object

Any object.


isTerraformElement
import com.hashicorp.cdktf.providers.vault.ad_secret_backend.AdSecretBackend;

AdSecretBackend.isTerraformElement(java.lang.Object x)
xRequired
  • Type: java.lang.Object

isTerraformResource
import com.hashicorp.cdktf.providers.vault.ad_secret_backend.AdSecretBackend;

AdSecretBackend.isTerraformResource(java.lang.Object x)
xRequired
  • Type: java.lang.Object

generateConfigForImport
import com.hashicorp.cdktf.providers.vault.ad_secret_backend.AdSecretBackend;

AdSecretBackend.generateConfigForImport(Construct scope, java.lang.String importToId, java.lang.String importFromId),AdSecretBackend.generateConfigForImport(Construct scope, java.lang.String importToId, java.lang.String importFromId, TerraformProvider provider)

Generates CDKTF code for importing a AdSecretBackend resource upon running "cdktf plan ".

scopeRequired
  • Type: software.constructs.Construct

The scope in which to define this construct.


importToIdRequired
  • Type: java.lang.String

The construct id used in the generated config for the AdSecretBackend to import.


importFromIdRequired
  • Type: java.lang.String

The id of the existing AdSecretBackend that should be imported.

Refer to the {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#import import section} in the documentation of this resource for the id to use


providerOptional
  • Type: com.hashicorp.cdktf.TerraformProvider

? Optional instance of the provider where the AdSecretBackend to import is found.


Properties

Name Type Description
node software.constructs.Node The tree node.
cdktfStack com.hashicorp.cdktf.TerraformStack No description.
fqn java.lang.String No description.
friendlyUniqueId java.lang.String No description.
terraformMetaArguments java.util.Map<java.lang.String, java.lang.Object> No description.
terraformResourceType java.lang.String No description.
terraformGeneratorMetadata com.hashicorp.cdktf.TerraformProviderGeneratorMetadata No description.
connection com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection No description.
count java.lang.Number OR com.hashicorp.cdktf.TerraformCount No description.
dependsOn java.util.List<java.lang.String> No description.
forEach com.hashicorp.cdktf.ITerraformIterator No description.
lifecycle com.hashicorp.cdktf.TerraformResourceLifecycle No description.
provider com.hashicorp.cdktf.TerraformProvider No description.
provisioners java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner> No description.
anonymousGroupSearchInput java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
backendInput java.lang.String No description.
binddnInput java.lang.String No description.
bindpassInput java.lang.String No description.
caseSensitiveNamesInput java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
certificateInput java.lang.String No description.
clientTlsCertInput java.lang.String No description.
clientTlsKeyInput java.lang.String No description.
defaultLeaseTtlSecondsInput java.lang.Number No description.
denyNullBindInput java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
descriptionInput java.lang.String No description.
disableRemountInput java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
discoverdnInput java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
groupattrInput java.lang.String No description.
groupdnInput java.lang.String No description.
groupfilterInput java.lang.String No description.
idInput java.lang.String No description.
insecureTlsInput java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
lastRotationToleranceInput java.lang.Number No description.
localInput java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
maxLeaseTtlSecondsInput java.lang.Number No description.
maxTtlInput java.lang.Number No description.
namespaceInput java.lang.String No description.
passwordPolicyInput java.lang.String No description.
requestTimeoutInput java.lang.Number No description.
starttlsInput java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
tlsMaxVersionInput java.lang.String No description.
tlsMinVersionInput java.lang.String No description.
ttlInput java.lang.Number No description.
upndomainInput java.lang.String No description.
urlInput java.lang.String No description.
usePre111GroupCnBehaviorInput java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
userattrInput java.lang.String No description.
userdnInput java.lang.String No description.
useTokenGroupsInput java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
anonymousGroupSearch java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
backend java.lang.String No description.
binddn java.lang.String No description.
bindpass java.lang.String No description.
caseSensitiveNames java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
certificate java.lang.String No description.
clientTlsCert java.lang.String No description.
clientTlsKey java.lang.String No description.
defaultLeaseTtlSeconds java.lang.Number No description.
denyNullBind java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
description java.lang.String No description.
disableRemount java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
discoverdn java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
groupattr java.lang.String No description.
groupdn java.lang.String No description.
groupfilter java.lang.String No description.
id java.lang.String No description.
insecureTls java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
lastRotationTolerance java.lang.Number No description.
local java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
maxLeaseTtlSeconds java.lang.Number No description.
maxTtl java.lang.Number No description.
namespace java.lang.String No description.
passwordPolicy java.lang.String No description.
requestTimeout java.lang.Number No description.
starttls java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
tlsMaxVersion java.lang.String No description.
tlsMinVersion java.lang.String No description.
ttl java.lang.Number No description.
upndomain java.lang.String No description.
url java.lang.String No description.
usePre111GroupCnBehavior java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.
userattr java.lang.String No description.
userdn java.lang.String No description.
useTokenGroups java.lang.Boolean OR com.hashicorp.cdktf.IResolvable No description.

nodeRequired
public Node getNode();
  • Type: software.constructs.Node

The tree node.


cdktfStackRequired
public TerraformStack getCdktfStack();
  • Type: com.hashicorp.cdktf.TerraformStack

fqnRequired
public java.lang.String getFqn();
  • Type: java.lang.String

friendlyUniqueIdRequired
public java.lang.String getFriendlyUniqueId();
  • Type: java.lang.String

terraformMetaArgumentsRequired
public java.util.Map<java.lang.String, java.lang.Object> getTerraformMetaArguments();
  • Type: java.util.Map<java.lang.String, java.lang.Object>

terraformResourceTypeRequired
public java.lang.String getTerraformResourceType();
  • Type: java.lang.String

terraformGeneratorMetadataOptional
public TerraformProviderGeneratorMetadata getTerraformGeneratorMetadata();
  • Type: com.hashicorp.cdktf.TerraformProviderGeneratorMetadata

connectionOptional
public java.lang.Object getConnection();
  • Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection

countOptional
public java.lang.Object getCount();
  • Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount

dependsOnOptional
public java.util.List<java.lang.String> getDependsOn();
  • Type: java.util.List<java.lang.String>

forEachOptional
public ITerraformIterator getForEach();
  • Type: com.hashicorp.cdktf.ITerraformIterator

lifecycleOptional
public TerraformResourceLifecycle getLifecycle();
  • Type: com.hashicorp.cdktf.TerraformResourceLifecycle

providerOptional
public TerraformProvider getProvider();
  • Type: com.hashicorp.cdktf.TerraformProvider

provisionersOptional
public java.lang.Object getProvisioners();
  • Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>

anonymousGroupSearchInputOptional
public java.lang.Object getAnonymousGroupSearchInput();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

backendInputOptional
public java.lang.String getBackendInput();
  • Type: java.lang.String

binddnInputOptional
public java.lang.String getBinddnInput();
  • Type: java.lang.String

bindpassInputOptional
public java.lang.String getBindpassInput();
  • Type: java.lang.String

caseSensitiveNamesInputOptional
public java.lang.Object getCaseSensitiveNamesInput();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

certificateInputOptional
public java.lang.String getCertificateInput();
  • Type: java.lang.String

clientTlsCertInputOptional
public java.lang.String getClientTlsCertInput();
  • Type: java.lang.String

clientTlsKeyInputOptional
public java.lang.String getClientTlsKeyInput();
  • Type: java.lang.String

defaultLeaseTtlSecondsInputOptional
public java.lang.Number getDefaultLeaseTtlSecondsInput();
  • Type: java.lang.Number

denyNullBindInputOptional
public java.lang.Object getDenyNullBindInput();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

descriptionInputOptional
public java.lang.String getDescriptionInput();
  • Type: java.lang.String

disableRemountInputOptional
public java.lang.Object getDisableRemountInput();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

discoverdnInputOptional
public java.lang.Object getDiscoverdnInput();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

groupattrInputOptional
public java.lang.String getGroupattrInput();
  • Type: java.lang.String

groupdnInputOptional
public java.lang.String getGroupdnInput();
  • Type: java.lang.String

groupfilterInputOptional
public java.lang.String getGroupfilterInput();
  • Type: java.lang.String

idInputOptional
public java.lang.String getIdInput();
  • Type: java.lang.String

insecureTlsInputOptional
public java.lang.Object getInsecureTlsInput();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

lastRotationToleranceInputOptional
public java.lang.Number getLastRotationToleranceInput();
  • Type: java.lang.Number

localInputOptional
public java.lang.Object getLocalInput();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

maxLeaseTtlSecondsInputOptional
public java.lang.Number getMaxLeaseTtlSecondsInput();
  • Type: java.lang.Number

maxTtlInputOptional
public java.lang.Number getMaxTtlInput();
  • Type: java.lang.Number

namespaceInputOptional
public java.lang.String getNamespaceInput();
  • Type: java.lang.String

passwordPolicyInputOptional
public java.lang.String getPasswordPolicyInput();
  • Type: java.lang.String

requestTimeoutInputOptional
public java.lang.Number getRequestTimeoutInput();
  • Type: java.lang.Number

starttlsInputOptional
public java.lang.Object getStarttlsInput();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

tlsMaxVersionInputOptional
public java.lang.String getTlsMaxVersionInput();
  • Type: java.lang.String

tlsMinVersionInputOptional
public java.lang.String getTlsMinVersionInput();
  • Type: java.lang.String

ttlInputOptional
public java.lang.Number getTtlInput();
  • Type: java.lang.Number

upndomainInputOptional
public java.lang.String getUpndomainInput();
  • Type: java.lang.String

urlInputOptional
public java.lang.String getUrlInput();
  • Type: java.lang.String

usePre111GroupCnBehaviorInputOptional
public java.lang.Object getUsePre111GroupCnBehaviorInput();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

userattrInputOptional
public java.lang.String getUserattrInput();
  • Type: java.lang.String

userdnInputOptional
public java.lang.String getUserdnInput();
  • Type: java.lang.String

useTokenGroupsInputOptional
public java.lang.Object getUseTokenGroupsInput();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

anonymousGroupSearchRequired
public java.lang.Object getAnonymousGroupSearch();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

backendRequired
public java.lang.String getBackend();
  • Type: java.lang.String

binddnRequired
public java.lang.String getBinddn();
  • Type: java.lang.String

bindpassRequired
public java.lang.String getBindpass();
  • Type: java.lang.String

caseSensitiveNamesRequired
public java.lang.Object getCaseSensitiveNames();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

certificateRequired
public java.lang.String getCertificate();
  • Type: java.lang.String

clientTlsCertRequired
public java.lang.String getClientTlsCert();
  • Type: java.lang.String

clientTlsKeyRequired
public java.lang.String getClientTlsKey();
  • Type: java.lang.String

defaultLeaseTtlSecondsRequired
public java.lang.Number getDefaultLeaseTtlSeconds();
  • Type: java.lang.Number

denyNullBindRequired
public java.lang.Object getDenyNullBind();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

descriptionRequired
public java.lang.String getDescription();
  • Type: java.lang.String

disableRemountRequired
public java.lang.Object getDisableRemount();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

discoverdnRequired
public java.lang.Object getDiscoverdn();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

groupattrRequired
public java.lang.String getGroupattr();
  • Type: java.lang.String

groupdnRequired
public java.lang.String getGroupdn();
  • Type: java.lang.String

groupfilterRequired
public java.lang.String getGroupfilter();
  • Type: java.lang.String

idRequired
public java.lang.String getId();
  • Type: java.lang.String

insecureTlsRequired
public java.lang.Object getInsecureTls();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

lastRotationToleranceRequired
public java.lang.Number getLastRotationTolerance();
  • Type: java.lang.Number

localRequired
public java.lang.Object getLocal();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

maxLeaseTtlSecondsRequired
public java.lang.Number getMaxLeaseTtlSeconds();
  • Type: java.lang.Number

maxTtlRequired
public java.lang.Number getMaxTtl();
  • Type: java.lang.Number

namespaceRequired
public java.lang.String getNamespace();
  • Type: java.lang.String

passwordPolicyRequired
public java.lang.String getPasswordPolicy();
  • Type: java.lang.String

requestTimeoutRequired
public java.lang.Number getRequestTimeout();
  • Type: java.lang.Number

starttlsRequired
public java.lang.Object getStarttls();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

tlsMaxVersionRequired
public java.lang.String getTlsMaxVersion();
  • Type: java.lang.String

tlsMinVersionRequired
public java.lang.String getTlsMinVersion();
  • Type: java.lang.String

ttlRequired
public java.lang.Number getTtl();
  • Type: java.lang.Number

upndomainRequired
public java.lang.String getUpndomain();
  • Type: java.lang.String

urlRequired
public java.lang.String getUrl();
  • Type: java.lang.String

usePre111GroupCnBehaviorRequired
public java.lang.Object getUsePre111GroupCnBehavior();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

userattrRequired
public java.lang.String getUserattr();
  • Type: java.lang.String

userdnRequired
public java.lang.String getUserdn();
  • Type: java.lang.String

useTokenGroupsRequired
public java.lang.Object getUseTokenGroups();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Constants

Name Type Description
tfResourceType java.lang.String No description.

tfResourceTypeRequired
public java.lang.String getTfResourceType();
  • Type: java.lang.String

Structs

AdSecretBackendConfig

Initializer

import com.hashicorp.cdktf.providers.vault.ad_secret_backend.AdSecretBackendConfig;

AdSecretBackendConfig.builder()
//  .connection(SSHProvisionerConnection)
//  .connection(WinrmProvisionerConnection)
//  .count(java.lang.Number)
//  .count(TerraformCount)
//  .dependsOn(java.util.List<ITerraformDependable>)
//  .forEach(ITerraformIterator)
//  .lifecycle(TerraformResourceLifecycle)
//  .provider(TerraformProvider)
//  .provisioners(java.util.List<FileProvisioner)
//  .provisioners(LocalExecProvisioner)
//  .provisioners(RemoteExecProvisioner>)
    .binddn(java.lang.String)
    .bindpass(java.lang.String)
//  .anonymousGroupSearch(java.lang.Boolean)
//  .anonymousGroupSearch(IResolvable)
//  .backend(java.lang.String)
//  .caseSensitiveNames(java.lang.Boolean)
//  .caseSensitiveNames(IResolvable)
//  .certificate(java.lang.String)
//  .clientTlsCert(java.lang.String)
//  .clientTlsKey(java.lang.String)
//  .defaultLeaseTtlSeconds(java.lang.Number)
//  .denyNullBind(java.lang.Boolean)
//  .denyNullBind(IResolvable)
//  .description(java.lang.String)
//  .disableRemount(java.lang.Boolean)
//  .disableRemount(IResolvable)
//  .discoverdn(java.lang.Boolean)
//  .discoverdn(IResolvable)
//  .groupattr(java.lang.String)
//  .groupdn(java.lang.String)
//  .groupfilter(java.lang.String)
//  .id(java.lang.String)
//  .insecureTls(java.lang.Boolean)
//  .insecureTls(IResolvable)
//  .lastRotationTolerance(java.lang.Number)
//  .local(java.lang.Boolean)
//  .local(IResolvable)
//  .maxLeaseTtlSeconds(java.lang.Number)
//  .maxTtl(java.lang.Number)
//  .namespace(java.lang.String)
//  .passwordPolicy(java.lang.String)
//  .requestTimeout(java.lang.Number)
//  .starttls(java.lang.Boolean)
//  .starttls(IResolvable)
//  .tlsMaxVersion(java.lang.String)
//  .tlsMinVersion(java.lang.String)
//  .ttl(java.lang.Number)
//  .upndomain(java.lang.String)
//  .url(java.lang.String)
//  .usePre111GroupCnBehavior(java.lang.Boolean)
//  .usePre111GroupCnBehavior(IResolvable)
//  .userattr(java.lang.String)
//  .userdn(java.lang.String)
//  .useTokenGroups(java.lang.Boolean)
//  .useTokenGroups(IResolvable)
    .build();

Properties

Name Type Description
connection com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection No description.
count java.lang.Number OR com.hashicorp.cdktf.TerraformCount No description.
dependsOn java.util.List<com.hashicorp.cdktf.ITerraformDependable> No description.
forEach com.hashicorp.cdktf.ITerraformIterator No description.
lifecycle com.hashicorp.cdktf.TerraformResourceLifecycle No description.
provider com.hashicorp.cdktf.TerraformProvider No description.
provisioners java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner> No description.
binddn java.lang.String Distinguished name of object to bind when performing user and group search.
bindpass java.lang.String LDAP password for searching for the user DN.
anonymousGroupSearch java.lang.Boolean OR com.hashicorp.cdktf.IResolvable Use anonymous binds when performing LDAP group searches (if true the initial credentials will still be used for the initial connection test).
backend java.lang.String The mount path for a backend, for example, the path given in "$ vault auth enable -path=my-ad ad".
caseSensitiveNames java.lang.Boolean OR com.hashicorp.cdktf.IResolvable If true, case sensitivity will be used when comparing usernames and groups for matching policies.
certificate java.lang.String CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
clientTlsCert java.lang.String Client certificate to provide to the LDAP server, must be x509 PEM encoded.
clientTlsKey java.lang.String Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
defaultLeaseTtlSeconds java.lang.Number Default lease duration for secrets in seconds.
denyNullBind java.lang.Boolean OR com.hashicorp.cdktf.IResolvable Denies an unauthenticated LDAP bind request if the user's password is empty; defaults to true.
description java.lang.String Human-friendly description of the mount for the backend.
disableRemount java.lang.Boolean OR com.hashicorp.cdktf.IResolvable If set, opts out of mount migration on path updates.
discoverdn java.lang.Boolean OR com.hashicorp.cdktf.IResolvable Use anonymous bind to discover the bind DN of a user.
groupattr java.lang.String LDAP attribute to follow on objects returned by in order to enumerate user group membership.
groupdn java.lang.String LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org).
groupfilter java.lang.String Go template for querying group membership of user.
id java.lang.String Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#id AdSecretBackend#id}.
insecureTls java.lang.Boolean OR com.hashicorp.cdktf.IResolvable Skip LDAP server SSL Certificate verification - insecure and not recommended for production use.
lastRotationTolerance java.lang.Number The number of seconds after a Vault rotation where, if Active Directory shows a later rotation, it should be considered out-of-band.
local java.lang.Boolean OR com.hashicorp.cdktf.IResolvable Mark the secrets engine as local-only.
maxLeaseTtlSeconds java.lang.Number Maximum possible lease duration for secrets in seconds.
maxTtl java.lang.Number In seconds, the maximum password time-to-live.
namespace java.lang.String Target namespace. (requires Enterprise).
passwordPolicy java.lang.String Name of the password policy to use to generate passwords.
requestTimeout java.lang.Number Timeout, in seconds, for the connection when making requests against the server before returning back an error.
starttls java.lang.Boolean OR com.hashicorp.cdktf.IResolvable Issue a StartTLS command after establishing unencrypted connection.
tlsMaxVersion java.lang.String Maximum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'.
tlsMinVersion java.lang.String Minimum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'.
ttl java.lang.Number In seconds, the default password time-to-live.
upndomain java.lang.String Enables userPrincipalDomain login with [username]@UPNDomain.
url java.lang.String LDAP URL to connect to (default: ldap://127.0.0.1). Multiple URLs can be specified by concatenating them with commas; they will be tried in-order.
usePre111GroupCnBehavior java.lang.Boolean OR com.hashicorp.cdktf.IResolvable In Vault 1.1.1 a fix for handling group CN values of different cases unfortunately introduced a regression that could cause previously defined groups to not be found due to a change in the resulting name. If set true, the pre-1.1.1 behavior for matching group CNs will be used. This is only needed in some upgrade scenarios for backwards compatibility. It is enabled by default if the config is upgraded but disabled by default on new configurations.
userattr java.lang.String Attribute used for users (default: cn).
userdn java.lang.String LDAP domain to use for users (eg: ou=People,dc=example,dc=org).
useTokenGroups java.lang.Boolean OR com.hashicorp.cdktf.IResolvable If true, use the Active Directory tokenGroups constructed attribute of the user to find the group memberships.

connectionOptional
public java.lang.Object getConnection();
  • Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection

countOptional
public java.lang.Object getCount();
  • Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount

dependsOnOptional
public java.util.List<ITerraformDependable> getDependsOn();
  • Type: java.util.List<com.hashicorp.cdktf.ITerraformDependable>

forEachOptional
public ITerraformIterator getForEach();
  • Type: com.hashicorp.cdktf.ITerraformIterator

lifecycleOptional
public TerraformResourceLifecycle getLifecycle();
  • Type: com.hashicorp.cdktf.TerraformResourceLifecycle

providerOptional
public TerraformProvider getProvider();
  • Type: com.hashicorp.cdktf.TerraformProvider

provisionersOptional
public java.lang.Object getProvisioners();
  • Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>

binddnRequired
public java.lang.String getBinddn();
  • Type: java.lang.String

Distinguished name of object to bind when performing user and group search.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#binddn AdSecretBackend#binddn}


bindpassRequired
public java.lang.String getBindpass();
  • Type: java.lang.String

LDAP password for searching for the user DN.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#bindpass AdSecretBackend#bindpass}


anonymousGroupSearchOptional
public java.lang.Object getAnonymousGroupSearch();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Use anonymous binds when performing LDAP group searches (if true the initial credentials will still be used for the initial connection test).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#anonymous_group_search AdSecretBackend#anonymous_group_search}


backendOptional
public java.lang.String getBackend();
  • Type: java.lang.String

The mount path for a backend, for example, the path given in "$ vault auth enable -path=my-ad ad".

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#backend AdSecretBackend#backend}


caseSensitiveNamesOptional
public java.lang.Object getCaseSensitiveNames();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

If true, case sensitivity will be used when comparing usernames and groups for matching policies.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#case_sensitive_names AdSecretBackend#case_sensitive_names}


certificateOptional
public java.lang.String getCertificate();
  • Type: java.lang.String

CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#certificate AdSecretBackend#certificate}


clientTlsCertOptional
public java.lang.String getClientTlsCert();
  • Type: java.lang.String

Client certificate to provide to the LDAP server, must be x509 PEM encoded.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#client_tls_cert AdSecretBackend#client_tls_cert}


clientTlsKeyOptional
public java.lang.String getClientTlsKey();
  • Type: java.lang.String

Client certificate key to provide to the LDAP server, must be x509 PEM encoded.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#client_tls_key AdSecretBackend#client_tls_key}


defaultLeaseTtlSecondsOptional
public java.lang.Number getDefaultLeaseTtlSeconds();
  • Type: java.lang.Number

Default lease duration for secrets in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#default_lease_ttl_seconds AdSecretBackend#default_lease_ttl_seconds}


denyNullBindOptional
public java.lang.Object getDenyNullBind();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Denies an unauthenticated LDAP bind request if the user's password is empty; defaults to true.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#deny_null_bind AdSecretBackend#deny_null_bind}


descriptionOptional
public java.lang.String getDescription();
  • Type: java.lang.String

Human-friendly description of the mount for the backend.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#description AdSecretBackend#description}


disableRemountOptional
public java.lang.Object getDisableRemount();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

If set, opts out of mount migration on path updates.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#disable_remount AdSecretBackend#disable_remount}


discoverdnOptional
public java.lang.Object getDiscoverdn();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Use anonymous bind to discover the bind DN of a user.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#discoverdn AdSecretBackend#discoverdn}


groupattrOptional
public java.lang.String getGroupattr();
  • Type: java.lang.String

LDAP attribute to follow on objects returned by in order to enumerate user group membership.

Examples: "cn" or "memberOf", etc. Default: cn

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#groupattr AdSecretBackend#groupattr}


groupdnOptional
public java.lang.String getGroupdn();
  • Type: java.lang.String

LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#groupdn AdSecretBackend#groupdn}


groupfilterOptional
public java.lang.String getGroupfilter();
  • Type: java.lang.String

Go template for querying group membership of user.

The template can access the following context variables: UserDN, Username Example: (&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}})) Default: (|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#groupfilter AdSecretBackend#groupfilter}


idOptional
public java.lang.String getId();
  • Type: java.lang.String

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#id AdSecretBackend#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.


insecureTlsOptional
public java.lang.Object getInsecureTls();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Skip LDAP server SSL Certificate verification - insecure and not recommended for production use.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#insecure_tls AdSecretBackend#insecure_tls}


lastRotationToleranceOptional
public java.lang.Number getLastRotationTolerance();
  • Type: java.lang.Number

The number of seconds after a Vault rotation where, if Active Directory shows a later rotation, it should be considered out-of-band.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#last_rotation_tolerance AdSecretBackend#last_rotation_tolerance}


localOptional
public java.lang.Object getLocal();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Mark the secrets engine as local-only.

Local engines are not replicated or removed by replication.Tolerance duration to use when checking the last rotation time.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#local AdSecretBackend#local}


maxLeaseTtlSecondsOptional
public java.lang.Number getMaxLeaseTtlSeconds();
  • Type: java.lang.Number

Maximum possible lease duration for secrets in seconds.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#max_lease_ttl_seconds AdSecretBackend#max_lease_ttl_seconds}


maxTtlOptional
public java.lang.Number getMaxTtl();
  • Type: java.lang.Number

In seconds, the maximum password time-to-live.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#max_ttl AdSecretBackend#max_ttl}


namespaceOptional
public java.lang.String getNamespace();
  • Type: java.lang.String

Target namespace. (requires Enterprise).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#namespace AdSecretBackend#namespace}


passwordPolicyOptional
public java.lang.String getPasswordPolicy();
  • Type: java.lang.String

Name of the password policy to use to generate passwords.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#password_policy AdSecretBackend#password_policy}


requestTimeoutOptional
public java.lang.Number getRequestTimeout();
  • Type: java.lang.Number

Timeout, in seconds, for the connection when making requests against the server before returning back an error.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#request_timeout AdSecretBackend#request_timeout}


starttlsOptional
public java.lang.Object getStarttls();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

Issue a StartTLS command after establishing unencrypted connection.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#starttls AdSecretBackend#starttls}


tlsMaxVersionOptional
public java.lang.String getTlsMaxVersion();
  • Type: java.lang.String

Maximum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#tls_max_version AdSecretBackend#tls_max_version}


tlsMinVersionOptional
public java.lang.String getTlsMinVersion();
  • Type: java.lang.String

Minimum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#tls_min_version AdSecretBackend#tls_min_version}


ttlOptional
public java.lang.Number getTtl();
  • Type: java.lang.Number

In seconds, the default password time-to-live.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#ttl AdSecretBackend#ttl}


upndomainOptional
public java.lang.String getUpndomain();
  • Type: java.lang.String

Enables userPrincipalDomain login with [username]@UPNDomain.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#upndomain AdSecretBackend#upndomain}


urlOptional
public java.lang.String getUrl();
  • Type: java.lang.String

LDAP URL to connect to (default: ldap://127.0.0.1). Multiple URLs can be specified by concatenating them with commas; they will be tried in-order.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#url AdSecretBackend#url}


usePre111GroupCnBehaviorOptional
public java.lang.Object getUsePre111GroupCnBehavior();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

In Vault 1.1.1 a fix for handling group CN values of different cases unfortunately introduced a regression that could cause previously defined groups to not be found due to a change in the resulting name. If set true, the pre-1.1.1 behavior for matching group CNs will be used. This is only needed in some upgrade scenarios for backwards compatibility. It is enabled by default if the config is upgraded but disabled by default on new configurations.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#use_pre111_group_cn_behavior AdSecretBackend#use_pre111_group_cn_behavior}


userattrOptional
public java.lang.String getUserattr();
  • Type: java.lang.String

Attribute used for users (default: cn).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#userattr AdSecretBackend#userattr}


userdnOptional
public java.lang.String getUserdn();
  • Type: java.lang.String

LDAP domain to use for users (eg: ou=People,dc=example,dc=org).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#userdn AdSecretBackend#userdn}


useTokenGroupsOptional
public java.lang.Object getUseTokenGroups();
  • Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable

If true, use the Active Directory tokenGroups constructed attribute of the user to find the group memberships.

This will find all security groups including nested ones.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#use_token_groups AdSecretBackend#use_token_groups}